Help Infected! - Cannot be removed or Deleted [CLOSED]

Welcome Guest ( Log In | Join )

Discover the best free computer help!
Learn more about Geeks to Go by taking the tour. Want to ask a question, reply to a topic, or remove all advertising? It's easy, fast and free. Join today!
Spyware, virus, trojan, fake security or privacy alerts? Please start with our malware cleaning guide.

> Geeks to Go! » Security » Malware Removal - HijackThis� Logs Go Here

Help Infected! - Cannot be removed or Deleted [CLOSED], QLowZones-15

Options

JattUnit View Member Profile	Jun 23 2006, 07:09 PM Post #1
New Member Posts: 4 OS: windows xp	i need help McAfee keeps sayin infected by QLowZones-15 cannot remove or clean!! Logfile of HijackThis v1.99.1 Scan saved at 8:49:52 PM, on 6/23/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5346.0005) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe c:\program files\mcafee.com\agent\mcdetect.exe c:\PROGRA~1\mcafee.com\vso\mcshield.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\McAfee.com\VSO\mcvsshld.exe C:\Program Files\McAfee.com\VSO\oasclnt.exe c:\progra~1\mcafee.com\vso\mcvsescn.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe c:\program files\mcafee.com\agent\mcagent.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ece057b8.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe C:\PROGRA~1\COMMON~1\ICROSO~1\RNDLL~1.EXE C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\Program Files\MSN Messenger\msnmsgr.exe c:\progra~1\mcafee.com\vso\mcvsftsn.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Jas\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {55295066-CBA3-9403-A761-9A1C8198E092} - (no file) F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe" O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet7_22.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O2 - BHO: CBHOBJObj Object - {8A406068-D45C-40B9-A096-38AC717FB608} - C:\WINDOWS\BHOBJ.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe O4 - HKLM\..\Run: [DLBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [StarSkin] C:\PROGRAM FILES\ROCKET DIVISION SOFTWARE\STARSKIN\STARSKIN.EXE -H O4 - HKLM\..\Run: [track monitor] C:\Program Files\MSN Track Monitor\msntrack.exe O4 - HKLM\..\Run: [ece057b8.exe] C:\WINDOWS\system32\ece057b8.exe O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [order_Shell] C:\Documents and Settings\Jas\order_kcbh.exe O4 - HKCU\..\Run: [0mcamcap] C:\WINDOWS\system32\0mcamcap.exe O4 - HKCU\..\Run: [0acd47f3.exe] C:\Documents and Settings\Jas\Local Settings\Application Data\0acd47f3.exe O4 - HKCU\..\Run: [ece057b8.exe] C:\Documents and Settings\Jas\Local Settings\Application Data\ece057b8.exe O4 - HKCU\..\Run: [Tfbdt] C:\PROGRA~1\COMMON~1\ICROSO~1\RNDLL~1.EXE O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://stuntmanjas.spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} (YazzleActiveX Control) - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123 O16 - DPF: {97B79133-88F0-45F0-8D57-0F2EF27D9C66} - http://85.255.114.166/1/rdgCA2404.exe O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.zorpia.com/ImageUploader3.cab O16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} - http://www.azebar.com/1/sux.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{A7621D3A-49D1-405E-9C07-451BA679D3C8}: NameServer = 4.2.2.2,4.2.2.3 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: C:\WINDOWS\system32\wuaclt.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O20 - Winlogon Notify: winwim32 - C:\WINDOWS\SYSTEM32\winwim32.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

__RiP_ChAiN_ View Member Profile	Jun 24 2006, 05:03 AM Post #2
Malware Expert Posts: 8,272 From: Omaha, Nebraska U.S.A OS: Windows XP Professional/Windows Vista Ultimate x64/x86	Hello, JattUnit. Open HijackThis, click Config, click Misc Tools Click "Open Uninstall Manager" Click "Save List" (generates uninstall_list.txt) Click Save, copy and paste the results in your next post.

JattUnit View Member Profile	Jun 24 2006, 07:10 AM Post #3
New Member Posts: 4 OS: windows xp	hey thanks for the reply ! Here It Is p.s the words such as adidas and yo mama and othe buzzer words in the are msn winks.. Adidas Adobe Acrobat - Reader 6.0.2 Update Adobe Bridge 1.0 Adobe Common File Installer Adobe Help Center 1.0 Adobe Photoshop CS2 Adobe Reader 6.0.1 Adobe Stock Photos 1.0 Anti-Leech Plugin for Internet Explorer AV Voice Changer Software 4.0 B.S Beer Burp Beer Girl Blah Blah Blah BlueSoleil Boring BrainFart Break Dancer Cat Laugh christmas 1 christmas 3 christmas 5 christmas 6 christmas17 christmas18 christmas19 christmas20 Classic PhoneTools Conexant D850 56K V.9x DFVc Modem CoreVorbis Audio Decoder (remove only) Cry Baby cryingpig Dell Digital Jukebox Driver Dell Driver Reset Tool Dell Photo AIO Printer 922 Dell Picture Studio v3.0 Dell Support 3.1 Disco Pickup Dominatrix Excited Foot In Mouth Go Away Google Toolbar for Internet Explorer Happy Dance Hasta Lavista Baby Head Spinning HijackThis 1.99.1 Hotfix for Windows XP (KB915865) Intel® Extreme Graphics 2 Driver Intel® PRO Network Adapters and Drivers Intel® PROSet for Wired Connections Internet Explorer 7 Beta 2 Internet Explorer Default Page iPod for Windows 2005-09-06 iPod for Windows 2006-01-10 iTunes J2SE Runtime Environment 5.0 Update 3 J2SE Runtime Environment 5.0 Update 6 J2SE Runtime Environment 5.0 Update 7 Jasc Paint Shop Photo Album Jasc Paint Shop Pro 8 Dell Edition Java 2 Runtime Environment, SE v1.4.2_03 Kiss My Butt Kubuki Dance LimeWire 4.10.9 Logitech Desktop Messenger Logitech Print Service Logitech QuickCam Software Logitech VideoCall Logitech� Camera Driver machinedog Macromedia Flash Player 8 Macromedia Shockwave Player McAfee Personal Firewall Plus McAfee SecurityCenter McAfee SpamKiller McAfee VirusScan Messenger Plus! 3 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Hotfix (KB886903) Microsoft Encarta Encyclopedia Standard 2005 Microsoft Money 2005 Microsoft Office 2000 Professional Microsoft Picture It! Premium 10 Microsoft Plus! Digital Media Edition Installer Microsoft Plus! Photo Story 2 LE Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR) Microsoft Streets and Trips 2005 Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348) Microsoft Word 2002 Microsoft Works Microsoft Works 2005 Setup Launcher Microsoft Works Suite Add-in for Microsoft Word mIRC Modem Helper Morning After MSN MSN Messenger 7.5 Nero 7 Demo NetWaiting New.net Domains 7.22 Noose On The Run Peace Out 2 PowerDVD 5.5 QuickTime RealPlayer red_ssaver Sad Penguin Say What Screen Punch Hand Security Update for Step By Step Interactive Training (KB898458) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player 10 (KB911565) Security Update for Windows XP (KB890046) Security Update for Windows XP (KB893066) Security Update for Windows XP (KB893756) Security Update for Windows XP (KB896358) Security Update for Windows XP (KB896423) Security Update for Windows XP (KB896424) Security Update for Windows XP (KB896428) Security Update for Windows XP (KB896688) Security Update for Windows XP (KB899587) Security Update for Windows XP (KB899588) Security Update for Windows XP (KB899591) Security Update for Windows XP (KB900725) Security Update for Windows XP (KB901017) Security Update for Windows XP (KB901214) Security Update for Windows XP (KB902400) Security Update for Windows XP (KB904706) Security Update for Windows XP (KB905414) Security Update for Windows XP (KB905749) Security Update for Windows XP (KB905915) Security Update for Windows XP (KB908519) Security Update for Windows XP (KB908531) Security Update for Windows XP (KB911562) Security Update for Windows XP (KB911567) Security Update for Windows XP (KB911927) Security Update for Windows XP (KB912812) Security Update for Windows XP (KB912919) Security Update for Windows XP (KB913446) Security Update for Windows XP (KB913580) Security Update for Windows XP (KB914389) Security Update for Windows XP (KB917953) Security Update for Windows XP (KB918439) Shockwave Sloppy One - 7up Sonic DLA Sonic RecordNow Audio Sonic RecordNow Copy Sonic RecordNow Data Sony ACID Pro 6.0a Sony Media Manager 2.1 StarSkin 2.5.2.5 StuffPlug-NG (Messenger Plus! Plugins) Tag your it Thumbs Up Times Up tutu01 tutu03 Uninstall CEDP Stealer 4.0 for MSN Messenger Unwanted Visitor Update for Windows XP (KB894391) Update for Windows XP (KB896727) Update for Windows XP (KB898461) Update for Windows XP (KB900485) Update for Windows XP (KB904942) Update for Windows XP (KB910437) Viewpoint Media Player Voodoo Waive Red Card WebCyberCoach 3.2 Dell Windows Genuine Advantage v1.3.0254.0 Windows Installer 3.1 (KB893803) Windows Media Encoder 7.1 Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 10 Windows Media Player 11 Windows Media Player 11 Windows XP Hotfix - KB873333 Windows XP Hotfix - KB885836 Windows XP Hotfix - KB885884 Windows XP Hotfix - KB886185 Windows XP Hotfix - KB887742 Windows XP Hotfix - KB888302 Windows XP Hotfix - KB890859 Windows XP Hotfix - KB893086 WinRAR archiver WinZip www.meewinks.org - MeeWinks 11 XoftSpySE Yazzle by OIN Yikes Yo Yoda Your Mommas so fat Your Team Sucks

__RiP_ChAiN_ View Member Profile	Jun 24 2006, 12:09 PM Post #4
Malware Expert Posts: 8,272 From: Omaha, Nebraska U.S.A OS: Windows XP Professional/Windows Vista Ultimate x64/x86	Hello, JattUnit. First, Download LSPFix.exe to a convenient location. Do NOT run this program. This is only to be used if you lose Internet Access after removing NewDotNet. Using Add Or Remove Programs remove the following entries (if present): (To get into add Or Remove Programs press the START button > Control Panel > Add Or Remove Programs.) LimeWire 4.10.9 New.net Domains 7.22 Viewpoint Media Player Yazzle by OIN In the event that you lose Internet access after removing New.Net, please double-click LSPFix.exe that you downloaded earlier. Check the "I know what I'm doing" button. You will see 2 panels. If there is any file listed in the "Remove" panel on the right-side, leave it as is and just click "Finish>>" then reboot your computer and you should now have access to the Internet. If nothing is listed under the "Remove Panel", do NOT do anything - just close the program. You will need to use another computer to come back here for further instructions on what to do. Please read this post completely, it may make it easier for you if you copy and paste this post to a new text document or print it for reference later. Please download ewido anti-malware it is a free version of the program. Install ewido anti-malware When installing, under "Additional Options" uncheck.. Install background guard Install scan via context menu Launch ewido, there should be an icon on your desktop, double-click it. The program will now open to the main screen. When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment. You will need to update ewido to the latest definition files. On the left hand side of the main screen click update. Then click on Start Update. The update will start and a progress bar will show the updates being installed. (the status bar at the bottom will display ("Update successful") Close Ewido. If you are having problems with the updater, you can use this link to manually update ewido. ewido manual updates Boot into Safe Mode: 1) Restart your computer 2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8. 3) Instead of Windows loading as normal, a menu should appear 4) Select the first option, to run Windows in Safe Mode. Open Ewido. Click on scanner Click on Complete System Scan and the scan will begin. You will be prompted to clean the first infection. Select "Perform action on all infections", then proceed. Once the scan has completed, there will be a button located on the bottom of the screen named Save report Click Save report. Save the report .txt file to your desktop or a location where you can find it easily. Close ewido anti-malware. Reboot into Normal Mode. Please include a fresh HijackThis log and the Ewido log in your next reply.

JattUnit

Jun 25 2006, 11:06 AM

Post #5

New Member

Posts: 4
OS: windows xp

hey sorry i wasent on yesterday

Heres the HackLog

Logfile of HijackThis v1.99.1
Scan saved at 1:01:44 PM, on 6/25/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5346.0005)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
c:\program files\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\rundll32.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\WINDOWS\system32\ece057b8.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Jas\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {55295066-CBA3-9403-A761-9A1C8198E092} - (no file)
F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: CBHOBJObj Object - {8A406068-D45C-40B9-A096-38AC717FB608} - C:\WINDOWS\BHOBJ.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [DLBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [StarSkin] C:\PROGRAM FILES\ROCKET DIVISION SOFTWARE\STARSKIN\STARSKIN.EXE -H
O4 - HKLM\..\Run: [track monitor] C:\Program Files\MSN Track Monitor\msntrack.exe
O4 - HKLM\..\Run: [ece057b8.exe] C:\WINDOWS\system32\ece057b8.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [order_Shell] C:\Documents and Settings\Jas\order_kcbh.exe
O4 - HKCU\..\Run: [0mcamcap] C:\WINDOWS\system32\0mcamcap.exe
O4 - HKCU\..\Run: [0acd47f3.exe] C:\Documents and Settings\Jas\Local Settings\Application Data\0acd47f3.exe
O4 - HKCU\..\Run: [ece057b8.exe] C:\Documents and Settings\Jas\Local Settings\Application Data\ece057b8.exe
O4 - HKCU\..\Run: [Tfbdt] C:\PROGRA~1\COMMON~1\ICROSO~1\RNDLL~1.EXE
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://stuntmanjas.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} (YazzleActiveX Control) - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
O16 - DPF: {97B79133-88F0-45F0-8D57-0F2EF27D9C66} - http://85.255.114.166/1/rdgCA2404.exe
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.zorpia.com/ImageUploader3.cab
O16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} - http://www.azebar.com/1/sux.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A7621D3A-49D1-405E-9C07-451BA679D3C8}: NameServer = 4.2.2.2,4.2.2.3
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\WINDOWS\system32\wuaclt.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: winwim32 - C:\WINDOWS\SYSTEM32\winwim32.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

And Heres The Ewido

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 12:26:47 PM 6/25/2006

+ Scan result:

HKU\S-1-5-21-2252681928-1983916559-4167573468-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EA0D26BD-9029-431A-86E0-83152D67828A} -> Adware.180Solutions : No action taken.
C:\WINDOWS\azesearch.bmp -> Adware.Azesearch : No action taken.
HKLM\SOFTWARE\AZESearchCo -> Adware.Azsearch : No action taken.
HKLM\SOFTWARE\AZESearchCo\AZESearch -> Adware.Azsearch : No action taken.
C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll -> Adware.Minibug : No action taken.
HKU\S-1-5-21-2252681928-1983916559-4167573468-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A19EF336-01D4-48E6-926A-FE7E1C747AED} -> Adware.MWSearch : No action taken.
HKU\S-1-5-21-2252681928-1983916559-4167573468-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DA7FF3F8-08BE-4CAC-BC00-94D91C6AE7F4} -> Adware.MWSearch : No action taken.
HKU\S-1-5-21-2252681928-1983916559-4167573468-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F65B197F-8260-4D52-909A-F70118E646EB} -> Adware.MWSearch : No action taken.
C:\Program Files\NewDotNet -> Adware.NewDotNet : No action taken.
C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : No action taken.
C:\Program Files\Common Files\Μicrosoft\rυndll.exe -> Adware.PurityScan : No action taken.
C:\Documents and Settings\Jas\Local Settings\Temp\win1D6.tmp -> Adware.Virtumonde : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{8A406068-D45C-40B9-A096-38AC717FB608} -> Adware.WebDir : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A406068-D45C-40B9-A096-38AC717FB608} -> Adware.WebDir : No action taken.
HKU\S-1-5-21-2252681928-1983916559-4167573468-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8A406068-D45C-40B9-A096-38AC717FB608} -> Adware.WebDir : No action taken.
C:\Documents and Settings\Karanjit\Local Settings\Temporary Internet Files\Content.IE5\6AK9JZ3V\popup[1].htm -> Downloader.IstBar.ai : No action taken.
C:\WINDOWS\Temp\win15E.tmp.exe -> Downloader.IstBar.eq : No action taken.
C:\WINDOWS\Temp\win88.tmp.exe -> Downloader.IstBar.eq : No action taken.
C:\Documents and Settings\Kashmir\Local Settings\Temporary Internet Files\Content.IE5\M5N8TGZE\drsmartload_js[1].htm -> Downloader.IstBar.j : No action taken.
C:\WINDOWS\Temp\win152.tmp.exe -> Downloader.Obfuscated.a : No action taken.
C:\WINDOWS\Temp\win81.tmp.exe -> Downloader.Obfuscated.a : No action taken.
C:\WINDOWS\Temp\win9A.tmp.exe -> Downloader.Obfuscated.a : No action taken.
C:\WINDOWS\Temp\OA.exe -> Downloader.PurityScan.cq : No action taken.
C:\Documents and Settings\Jas\Local Settings\Temporary Internet Files\Content.IE5\4I2JN9AV\send_ocx_sof[1].htm -> Not-A-Virus.Exploit.HTML.CodeBaseExec : No action taken.
C:\Documents and Settings\Jas\Local Settings\Temporary Internet Files\Content.IE5\YMNPF4DJ\send_ocx_sof[1].htm -> Not-A-Virus.Exploit.HTML.CodeBaseExec : No action taken.
C:\WINDOWS\system32\dllcache\win32\psshutdown.exe -> Not-A-Virus.HackTool.Win32.Brumer.e : No action taken.
C:\WINDOWS\system32\dllcache\win32\red.exe -> Not-A-Virus.RemoteAdmin.Win32.NirComLine.12 : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@247realmedia[2].txt -> TrackingCookie.247realmedia : No action taken.
C:\Documents and Settings\Kashmir\Cookies\kashmir@247realmedia[2].txt -> TrackingCookie.247realmedia : No action taken.
C:\Documents and Settings\Jas\Cookies\jas@2o7[2].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Jas\Cookies\jas@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@2o7[2].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Kashmir\Cookies\kashmir@2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Jas\Cookies\jas@ads.addynamix[2].txt -> TrackingCookie.Addynamix : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@ads.addynamix[1].txt -> TrackingCookie.Addynamix : No action taken.
C:\Documents and Settings\Jas\Cookies\jas@adjuggler[1].txt -> TrackingCookie.Adjuggler : No action taken.
C:\Documents and Settings\Jas\Cookies\jas@rotator.adjuggler[2].txt -> TrackingCookie.Adjuggler : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@adrevolver[1].txt -> TrackingCookie.Adrevolver : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@adtech[2].txt -> TrackingCookie.Adtech : No action taken.
C:\Documents and Settings\Jas\Cookies\jas@advertising[1].txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@advertising[2].txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@servedby.advertising[2].txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Kashmir\Cookies\kashmir@advertising[1].txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Jas\Cookies\jas@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Kashmir\Cookies\kashmir@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@bfast[1].txt -> TrackingCookie.Bfast : No action taken.
C:\Documents and Settings\Kashmir\Cookies\kashmir@bfast[1].txt -> TrackingCookie.Bfast : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@bluestreak[2].txt -> TrackingCookie.Bluestreak : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@citi.bridgetrack[2].txt -> TrackingCookie.Bridgetrack : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : No action taken.
C:\Documents and Settings\Jas\Cookies\jas@burstnet[2].txt -> TrackingCookie.Burstnet : No action taken.
C:\Documents and Settings\Jas\Cookies\jas@www.burstnet[2].txt -> TrackingCookie.Burstnet : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@burstnet[1].txt -> TrackingCookie.Burstnet : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@casalemedia[2].txt -> TrackingCookie.Casalemedia : No action taken.
C:\Documents and Settings\Kashmir\Cookies\kashmir@casalemedia[1].txt -> TrackingCookie.Casalemedia : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@centrport[1].txt -> TrackingCookie.Centrport : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@clickbank[1].txt -> TrackingCookie.Clickbank : No action taken.
C:\Documents and Settings\Jas\Cookies\jas@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : No action taken.
C:\Documents and Settings\Jas\Cookies\jas@clickhype[1].txt -> TrackingCookie.Clickhype : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@com[2].txt -> TrackingCookie.Com : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : No action taken.
C:\Documents and Settings\Jas\Cookies\jas@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@doubleclick[2].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Kashmir\Cookies\kashmir@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@e-2dj6wjnyapdpccp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Jas\Cookies\jas@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@as-eu.falkag[1].txt -> TrackingCookie.Falkag : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@as-us.falkag[2].txt -> TrackingCookie.Falkag : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@as1.falkag[1].txt -> TrackingCookie.Falkag : No action taken.
C:\Documents and Settings\Jas\Cookies\jas@fastclick[2].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@fastclick[1].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@media.fastclick[1].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Kashmir\Cookies\kashmir@fastclick[2].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Kashmir\Cookies\kashmir@media.fastclick[1].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Kashmir\Cookies\kashmir@secure.fastclick[2].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@ehg-bestbuy.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@ehg-hitent.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@ehg-ubisoft.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@ehg.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@hg1.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@hypertracker[2].txt -> TrackingCookie.Hypertracker : No action taken.
C:\Documents and Settings\Jas\Cookies\jas@linksynergy[1].txt -> TrackingCookie.Linksynergy : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@sales.liveperson[1].txt -> TrackingCookie.Liveperson : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@stat.onestat[2].txt -> TrackingCookie.Onestat : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@overture[1].txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@ads.pointroll[1].txt -> TrackingCookie.Pointroll : No action taken.
C:\Documents and Settings\Kashmir\Cookies\kashmir@ads.pointroll[2].txt -> TrackingCookie.Pointroll : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@qksrv[1].txt -> TrackingCookie.Qksrv : No action taken.
C:\Documents and Settings\Jas\Cookies\jas@questionmarket[1].txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@questionmarket[1].txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\Kashmir\Cookies\kashmir@questionmarket[2].txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\Jas\Cookies\jas@revenue[2].txt -> TrackingCookie.Revenue : No action taken.
C:\Documents and Settings\Kashmir\Cookies\kashmir@revenue[1].txt -> TrackingCookie.Revenue : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@edge.ru4[1].txt -> TrackingCookie.Ru4 : No action taken.
C:\Documents and Settings\Jas\Cookies\jas@serving-sys[2].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@serving-sys[1].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@spylog[2].txt -> TrackingCookie.Spylog : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@starware[2].txt -> TrackingCookie.Starware : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@statcounter[1].txt -> TrackingCookie.Statcounter : No action taken.
C:\Documents and Settings\Kashmir\Cookies\kashmir@statcounter[2].txt -> TrackingCookie.Statcounter : No action taken.
C:\Documents and Settings\Jas\Cookies\jas@tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Kashmir\Cookies\kashmir@tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Jas\Cookies\jas@targetnet[2].txt -> TrackingCookie.Targetnet : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@trafficmp[1].txt -> TrackingCookie.Trafficmp : No action taken.
C:\Documents and Settings\Kashmir\Cookies\kashmir@trafficmp[2].txt -> TrackingCookie.Trafficmp : No action taken.
C:\Documents and Settings\Jas\Cookies\jas@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : No action taken.
C:\Documents and Settings\Kashmir\Cookies\kashmir@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : No action taken.
C:\Documents and Settings\Kashmir\Cookies\kashmir@pmads.valuead[1].txt -> TrackingCookie.Valuead : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@valueclick[1].txt -> TrackingCookie.Valueclick : No action taken.
C:\Documents and Settings\Kashmir\Cookies\kashmir@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : No action taken.
C:\Documents and Settings\Jas\Cookies\jas@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@yieldmanager[2].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Kashmir\Cookies\kashmir@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Karanjit\Cookies\karanjit@zedo[1].txt -> TrackingCookie.Zedo : No action taken.
C:\WINDOWS\system32\winwim32.dll -> Trojan.Agent.vg : No action taken.
[204] C:\WINDOWS\system32\winwim32.dll -> Trojan.Agent.vg : No action taken.
C:\WINDOWS\Temp\win169.tmp.exe -> Trojan.Dialer.oy : No action taken.
C:\WINDOWS\Temp\win1E1.tmp.exe -> Trojan.Dialer.oy : No action taken.
C:\WINDOWS\Temp\win392.tmp.exe -> Trojan.Dialer.oy : No action taken.
C:\WINDOWS\Temp\win399.tmp.exe -> Trojan.Dialer.oy : No action taken.
C:\WINDOWS\Temp\win3CD.tmp.exe -> Trojan.Dialer.oy : No action taken.
C:\WINDOWS\Temp\win4DE.tmp.exe -> Trojan.Dialer.oy : No action taken.
C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00003.exe -> Trojan.Sinowal.p : No action taken.
C:\WINDOWS\system32\1024 -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld100A.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld10D8.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld1379.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld13B5.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld14F2.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld153.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld15AF.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld15F.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld1A00.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld1B2A.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld1B3C.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld1BA1.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld1C3C.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld1C97.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld1CF3.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld1D2C.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld1ED3.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld1EEB.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld1FF9.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld2261.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld23C5.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld23CC.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld2528.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld2541.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld25F7.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld280E.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld2885.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld2B20.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld2BA7.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld2BE.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld2CBA.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld2D21.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld2E16.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld2EAC.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld2EB3.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld307B.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld32FC.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld3444.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld34D3.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld3581.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld35EB.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld35F0.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld369E.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld3B1D.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld3C48.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld3C4A.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld3CCF.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld3D0F.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld3DA5.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld3E21.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld3E34.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld3EC6.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld4018.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld40DB.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld414.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld4174.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld419.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld41F1.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld437F.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld44EA.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld452D.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld4620.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld4636.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld4763.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld476F.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld490D.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld4B39.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld4BA.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld4C5D.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld4CC4.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld4E36.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld4E3F.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld4FE0.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld4FE9.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld506D.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld5199.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld5449.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld55C2.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld5614.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld567F.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld56AA.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld5748.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld578D.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld5C0C.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld5D48.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld5D75.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld5DCD.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld5EA4.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld5EF8.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld5F9C.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld601D.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld6175.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld638F.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld6409.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld647D.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld65E8.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld66B8.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld672E.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld6744.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld68C.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld68DF.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld6A69.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld6B2.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld6D8A.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld6DE2.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld6E3B.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld6F6D.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld7107.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld713C.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld7498.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld75A.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld7613.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld76B1.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld776E.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld7770.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld7895.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld789B.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld7910.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld7D1A.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld7D81.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld7E76.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld7EC2.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld7F78.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld7FD1.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld80E9.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld813E.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld8283.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld82A2.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld8588.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld859B.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld86E1.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld86F6.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld8833.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld8862.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld88F8.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld89DD.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld8BD5.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld8EE7.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld8EF0.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld90B9.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld90D0.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld9234.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld926A.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld9677.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld96FE.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld9750.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld97F9.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld985D.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld987E.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld998A.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld9A3F.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld9B57.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld9E19.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld9F3.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld9F4B.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld9F74.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldA03E.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldA0D0.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldA226.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldA3E3.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldA41D.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldA47C.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldA5A.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldA6B9.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldA7EE.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldA7EF.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldA814.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldA99F.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldA9AF.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldAA16.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldAB1A.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldAD31.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldAD6.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldB03D.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldB1AA.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldB1C7.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldB332.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldB4A8.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldB4FB.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldB83E.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldB840.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldB8D.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldB965.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldB96B.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldB973.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldB97D.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldBAB7.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldBB3E.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldBD20.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldBF37.tmp -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ldC092.tmp -> Trojan.Small : No action ta